Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/3A4EF220A8A711EF9CFB1394762E951A.roa
File: 3A4EF220A8A711EF9CFB1394762E951A.roa (raw, json)
Hash identifier: L1LHN+SJMi+Tgbc6P2tpj/rVnix2khr9hjlkpH0IVPE=
Subject key identifier: C3:68:C6:C0:6C:CD:7B:F3:4D:45:E0:B3:CD:4D:B8:1C:7E:FC:EF:3A
Certificate issuer: /CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
Certificate serial: 01CC
Authority key identifier: 9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/3A4EF220A8A711EF9CFB1394762E951A.roa
Signing time: Fri 22 Nov 2024 07:56:06 +0000
ROA not before: Fri 22 Nov 2024 07:56:02 +0000
ROA not after: Fri 24 Nov 2034 07:56:02 +0000
asID: 328170
IP address blocks: 102.22.80.0/22 maxlen: 24
102.67.136.0/21 maxlen: 24
102.211.28.0/22 maxlen: 24
102.221.36.0/22 maxlen: 24
2c0f:ed68::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.mft
rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 460 (0x1cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
Validity
Not Before: Nov 22 07:56:02 2024 GMT
Not After : Nov 24 07:56:02 2034 GMT
Subject: CN=67403916-9f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:3c:20:7e:1f:01:63:09:82:c5:69:ec:1e:
6c:66:f9:63:93:17:fd:61:00:c6:dc:46:8c:9f:d0:
ff:05:d6:2b:20:0d:a5:48:b6:a4:b1:3a:60:80:b8:
52:7e:e1:42:16:54:55:90:3e:1d:7c:27:e1:a7:bc:
c4:27:30:4c:d6:d7:cf:3a:48:1b:62:57:b8:ea:31:
f5:b6:37:51:bb:8b:bb:e4:e3:2d:08:96:6c:00:58:
0c:cc:f0:4f:e9:8b:1c:ec:90:9d:29:cc:38:dd:1a:
a8:98:83:24:a1:89:95:c6:80:aa:f9:66:59:66:6e:
1f:11:db:d3:6c:42:57:c5:16:6f:94:90:1d:3d:70:
02:7a:c4:e5:17:c5:31:5a:19:ea:13:9b:8b:4f:e9:
96:7c:1e:3e:a6:a3:4a:0b:f1:11:21:14:74:b8:68:
00:18:fb:83:84:95:5e:d9:48:d7:65:35:bc:6a:20:
1c:18:c4:83:9d:3b:ce:ec:1a:76:a2:39:f5:f1:42:
5e:15:f8:ad:a7:0f:b2:dc:0d:40:b4:dd:67:bf:5f:
2a:b5:a0:e1:8f:db:b0:e0:7f:3f:5f:d5:5b:ed:d5:
5e:7e:87:ea:25:cb:be:fd:ca:e4:e2:ed:d1:e9:c0:
1f:8c:76:97:7e:6d:e6:a7:09:e1:be:25:1e:59:45:
7f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:68:C6:C0:6C:CD:7B:F3:4D:45:E0:B3:CD:4D:B8:1C:7E:FC:EF:3A
X509v3 Authority Key Identifier:
keyid:9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/3A4EF220A8A711EF9CFB1394762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.80.0/22
102.67.136.0/21
102.211.28.0/22
102.221.36.0/22
IPv6:
2c0f:ed68::/32
Signature Algorithm: sha256WithRSAEncryption
a0:ee:64:56:4a:eb:81:05:b1:ca:3e:b6:80:36:d7:c7:33:2c:
eb:33:65:3f:d6:80:40:62:e8:e2:9b:2f:8c:de:5b:fd:cb:87:
5e:54:09:21:26:93:f6:5e:e4:84:00:d0:e1:82:f0:4f:41:fa:
ce:b9:59:24:5a:60:63:44:a1:58:63:2a:6a:86:aa:65:47:a3:
58:d1:e9:47:da:db:42:35:55:c6:c3:53:b6:7e:45:7a:7a:fc:
c6:fc:36:ed:cc:d2:0a:ea:b3:05:c4:0d:e3:8a:ad:d9:b9:b8:
c4:12:4f:23:e8:6c:7d:d5:f5:a5:aa:f0:75:63:32:59:b6:c9:
59:64:f7:4e:d4:a5:6d:29:86:3e:95:3f:9c:b7:b6:19:cd:fc:
82:fb:3f:42:83:4e:3d:28:eb:05:f1:ae:80:a2:a5:39:99:d0:
76:f9:f7:3a:53:47:7d:09:03:33:c0:0e:04:0c:42:b0:6c:e9:
f1:a7:26:ba:bf:c1:a2:0a:d1:4f:28:8b:e5:79:af:2d:9e:fd:
e9:c7:f3:a4:5d:09:1f:14:1c:7f:fa:e2:04:5f:5f:8d:2c:9a:
0d:66:28:b7:5e:12:48:a1:16:12:bc:fc:f4:2a:0c:41:30:c4:
5e:23:43:1e:b5:bc:d3:54:aa:76:93:04:3a:73:31:f3:39:d3:
b6:71:31:1a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQyREZBRjExMC8GA1UEBRMoOUI1NjY4QkMxMzIxMTEzMURGMEVEM0VFOUMyNUQz
MTE0QzU0QjI5MzAeFw0yNDExMjIwNzU2MDJaFw0zNDExMjQwNzU2MDJaMBgxFjAU
BgNVBAMTDTY3NDAzOTE2LTlmMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGmzwgfh8BYwmCxWnsHmxm+WOTF/1hAMbcRoyf0P8F1isgDaVItqSxOmCA
uFJ+4UIWVFWQPh18J+GnvMQnMEzW1886SBtiV7jqMfW2N1G7i7vk4y0IlmwAWAzM
8E/pixzskJ0pzDjdGqiYgyShiZXGgKr5Zllmbh8R29NsQlfFFm+UkB09cAJ6xOUX
xTFaGeoTm4tP6ZZ8Hj6mo0oL8REhFHS4aAAY+4OElV7ZSNdlNbxqIBwYxIOdO87s
GnaiOfXxQl4V+K2nD7LcDUC03We/Xyq1oOGP27Dgfz9f1Vvt1V5+h+oly779yuTi
7dHpwB+Mdpd+beanCeG+JR5ZRX9XAgMBAAGjggLGMIICwjAdBgNVHQ4EFgQUw2jG
wGzNe/NNReCzzU24HH787zowHwYDVR0jBBgwFoAUm1ZovBMhETHfDtPunCXTEUxU
spMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0MkRGLzlFRjNEQjgyNEQ2MzExRUVBMzYzNTg4MTRBRDlFNkZDL20xWm92
Qk1oRVRIZkR0UHVuQ1hURVV4VXNwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL20xWm92Qk1oRVRIZkR0UHVuQ1hURVV4VXNwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE0MkRGLzlFRjNEQjgyNEQ2MzExRUVBMzYzNTg4MTRB
RDlFNkZDLzNBNEVGMjIwQThBNzExRUY5Q0ZCMTM5NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJmFlADBANmQ4gDBAJm0xwD
BAJm3SQwDQQCAAIwBwMFACwP7WgwDQYJKoZIhvcNAQELBQADggEBAKDuZFZK64EF
sco+toA218czLOszZT/WgEBi6OKbL4zeW/3Lh15UCSEmk/Ze5IQA0OGC8E9B+s65
WSRaYGNEoVhjKmqGqmVHo1jR6Ufa20I1VcbDU7Z+RXp6/Mb8Nu3M0grqswXEDeOK
rdm5uMQSTyPobH3V9aWq8HVjMlm2yVlk907UpW0phj6VP5y3thnN/IL7P0KDTj0o
6wXxroCipTmZ0Hb59zpTR30JAzPADgQMQrBs6fGnJrq/waIK0U8oi+V5ry2e/enH
86RdCR8UHH/64gRfX40smg1mKLdeEkihFhK8/PQqDEEwxF4jQx61vNNUqnaTBDpz
MfM507ZxMRo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:25 2024 by rpki-client on console-fra.rpki-client.org